Summary: I am getting an error when using join query inside document level security query.
Detailed steps are below.
I created an index using the below:
PUT /testindex
{
“mappings”:{
“properties”:{
“permission”:{
“type”:“join”,
“relations”:{
“acl”:“doc”
}
}
}
}
}
Then I created two records as follows:
PUT testindex/_doc/p1
{
“permission”:“acl”,
“id”:“p1”
}
PUT testindex/_doc/d1?routing=p1
{
“permission”:{
“name”:“doc”,
“parent”:“p1”
}
“id”:“d1”
}
Then I created a role “testrole” and a user “testuser” which is added to the role through rolemapping. The role has the following specs:
index pattern: “testindex”
permission group: “read”
document level security query:
{
“has_parent”:{
“parent_type”:“acl”,
“query”:{
“match_all”:{}
}
}
}
Then I can “GET testindex/_doc/d1?routing=p1” to access a document and get the below error
I am getting “unsupported_operation_exception: Query LateParsingQuery {joinField=permission#acl} does not implement createWeight” error when using has_parent in the document level security query.
Am doing something wrong here?
Appreciate your help.